Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
BID:68756
Info
Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
| Bugtraq ID: | 68756 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-3544 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 21 2014 12:00AM |
| Updated: | Apr 13 2015 09:56PM |
| Credit: | Osanda Malith Jayathissa |
| Vulnerable: |
Moodle Moodle 2.6.3 Moodle Moodle 2.6.2 Moodle Moodle 2.6.1 Moodle Moodle 2.5.6 Moodle Moodle 2.5.4 Moodle Moodle 2.5.2 Moodle Moodle 2.5.1 Moodle Moodle 2.4.10 Moodle Moodle 2.4.8 Moodle Moodle 2.4.6 Moodle Moodle 2.4.5 Moodle Moodle 2.4.4 Moodle Moodle 2.4.3 Moodle Moodle 2.7 Moodle Moodle 2.6 Moodle Moodle 2.5.5 Moodle Moodle 2.5.3 Moodle Moodle 2.5 Moodle Moodle 2.4.9 Moodle Moodle 2.4.7 Moodle Moodle 2.4.2 Moodle Moodle 2.4.1 Moodle Moodle 2.4 |
| Not Vulnerable: |
Moodle Moodle 2.7.1 Moodle Moodle 2.6.4 Moodle Moodle 2.5.7 Moodle Moodle 2.4.11 |
Exploit / POC
Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
Solution / Fix
Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
References:
References: